Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

favdownloads malware?


  • Please log in to reply
4 replies to this topic

#1 Nunbet1037

Nunbet1037

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 29 December 2014 - 08:33 PM

I've been getting a warning from my ESET NOD32 that it's blocking a program contacting the favdownloads website while IE window is open.  I've been looking for this little Trojan for a few days now and I'm wondering how to nuke it.  I'm also getting a lot of default browser change notices that vary from "an unknown program is trying to change your browser settings...." to "Internet Explorer reset your default browser because it was corrupt .... Do you want to change your default browser to Bing?"  I don't use Bing and I find that it's been tossed back in the search provider listing--even after I've deleted it--when restarting IE.  Currently running IE11 on a Win7 x64 PC with multiple users.  ESET NOD32 operates for virus protection.  CCleaner network edition for "junk removal" (it runs across all users).  I've MBAM scanned on a few of the users with no detections.  Wondering if the multiple users is keeping me from doing a good clean because MBAM and other programs are limited to the operating user.  PC is on a network behind a Cisco router with onboard firewall.  Thoughts? I can run and post scan logs, etc.  Just let me know which ones you want me to run.



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,556 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:11 AM

Posted 29 December 2014 - 08:39 PM

Hello Nunbet


First go into your browser look for and disable or remove any unwanted add-ons from there...

How to Disable Extensions in Internet Explorer


Now lets run these and see what else is here.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Nunbet1037

Nunbet1037
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 03 January 2015 - 04:15 PM

boopme, thanks for the reply.  Sorry it's taken a few days to respond to your post, but the office has been closed until today.  I make sure that all IE versions are running with ALL add-on extensions disabled, so that's already been done.  Running the progs and will post the reports shortly.



#4 Nunbet1037

Nunbet1037
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 03 January 2015 - 05:55 PM

Here are the scan logs:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by RPA (administrator) on 03-01-2015 at 16:13:37
Running from "C:\Users\RPA\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.104 metric=1 publish=Yes

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SanctuaryTwr01
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : WRVS4400Nv2

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 20-68-9D-05-DC-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : WRVS4400Nv2
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 20-68-9D-05-DC-E7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : WRVS4400Nv2
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : EC-A8-6B-20-73-6D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::eda3:8408:966a:36aa%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.120(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, January 03, 2015 10:03:01 AM
   Lease Expires . . . . . . . . . . : Sunday, January 04, 2015 10:03:01 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 250390635
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-AC-9E-16-EC-A8-6B-20-73-6D
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:cab:1105:b9f0:67c(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cab:1105:b9f0:67c%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.WRVS4400Nv2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : WRVS4400Nv2
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

Pinging google.com [204.186.48.39] with 32 bytes of data:
Reply from 204.186.48.39: bytes=32 time=24ms TTL=61
Reply from 204.186.48.39: bytes=32 time=22ms TTL=61

Ping statistics for 204.186.48.39:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 24ms, Average = 23ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
   98.138.253.109
   206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=41ms TTL=55
Reply from 98.139.183.24: bytes=32 time=37ms TTL=55

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 37ms, Maximum = 41ms, Average = 39ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...20 68 9d 05 dc e6 ......Microsoft Virtual WiFi Miniport Adapter
 12...20 68 9d 05 dc e7 ......802.11n Wireless LAN Card
 11...ec a8 6b 20 73 6d ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.120     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0    192.168.1.104    192.168.1.120     31
      192.168.1.0    255.255.255.0         On-link     192.168.1.120    286
    192.168.1.120  255.255.255.255         On-link     192.168.1.120    286
    192.168.1.255  255.255.255.255         On-link     192.168.1.120    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.120    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.120    286
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      169.254.0.0      255.255.0.0    192.168.1.104       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fb:cab:1105:b9f0:67c/128
                                    On-link
 11    286 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::cab:1105:b9f0:67c/128
                                    On-link
 11    286 fe80::eda3:8408:966a:36aa/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/03/2015 10:49:06 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:49:01 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:09:04 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:08:18 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:04:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Error creating connection 3 in DBConnPool::GetConnection().

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
CON=QBConn\192.168.1.120\24\0\4\8\777-409\7199-9689-2338-236\5\0\1\55358\192.168.1.122;;DBF=S:\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW;CommLinks="tcpip(IP=192.168.1.122;DOBROADCAST=NONE;port=55358)";ServerName=QB_Sanctuary-net_24;DBN=457c6954c21f4e9ba5f00245f647295c;CharSet=none

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Connection Error:Database server not found

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
DBConnPool::HandleConnectionError errorCode:-6010, dbCode:-100 from file:'.\.\src\connpool.cpp' at line 1335 from function:'DBMgr::DBConnPool::CreateConnection'

Error: (01/01/2015 01:12:59 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Professional Services Edition 2014":
Error creating connection 3 in DBConnPool::GetConnection().

System errors:
=============
Error: (01/03/2015 10:06:26 AM) (Source: DCOM) (User: )
Description: {9E14B23B-5D8A-447F-B962-6D6D6897861E}

Error: (01/03/2015 10:04:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/01/2015 01:15:04 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/31/2014 04:11:24 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (12/30/2014 06:38:50 PM) (Source: DCOM) (User: )
Description: {20A10BD4-0FF4-45E8-87EF-D2708E99CEAA}

Error: (12/30/2014 05:57:00 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (12/29/2014 08:09:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/29/2014 08:06:21 PM) (Source: DCOM) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Microsoft Office Sessions:
=========================
Error: (01/03/2015 10:49:06 AM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:49:01 AM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:09:04 AM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:08:18 AM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Got unexpected error 5 in call to NetShareGetInfo for path \\Sanctuary-net\sanctuary public\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW

Error: (01/03/2015 10:04:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Error creating connection 3 in DBConnPool::GetConnection().

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014CON=QBConn\192.168.1.120\24\0\4\8\777-409\7199-9689-2338-236\5\0\1\55358\192.168.1.122;;DBF=S:\Accounting and Finance\ACTIVE COMPANY FILE\CURRENT SANCTUARY COMPANY FILE-WORKING.QBW;CommLinks="tcpip(IP=192.168.1.122;DOBROADCAST=NONE;port=55358)";ServerName=QB_Sanctuary-net_24;DBN=457c6954c21f4e9ba5f00245f647295c;CharSet=none

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Connection Error:Database server not found

Error: (01/01/2015 01:13:03 PM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014DBConnPool::HandleConnectionError errorCode:-6010, dbCode:-100 from file:'.\.\src\connpool.cpp' at line 1335 from function:'DBMgr::DBConnPool::CreateConnection'

Error: (01/01/2015 01:12:59 PM) (Source: QuickBooks)(User: )
Description: QuickBooks: Premier Professional Services Edition 2014Error creating connection 3 in DBConnPool::GetConnection().

 

=========================== Installed Programs ============================
Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)
Adobe Prelude CC 2014 (HKLM-x32\...\{2A054E48-0A75-42BD-8738-EC9AB4E2207A}) (Version: 3.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe SpeedGrade CC 2014 (HKLM-x32\...\{8EFF28F0-9DFD-4208-9E04-4D49A4812CF3}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.3 - Adobe Systems, Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Wizard 5.0 (HKLM-x32\...\{D43E122B-C053-4545-999A-2219BF8F6422}) (Version: 5.0.3 - Avery)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG7100 series User Registration (HKLM-x32\...\Canon MG7100 series User Registration) (Version:  - ?Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner Network Endpoint Agent (HKLM-x32\...\{F6CAFC2F-914C-493D-A93C-46266F24EE59}) (Version: 2.06.4023 - Piriform)
Constant Contact InfoTransfer for QuickBooks (HKLM-x32\...\CCInfoTransfer) (Version: 2.1 - Constant Contact)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell V305 (HKLM\...\Dell V305) (Version:  - Dell, Inc.)
ESET NOD32 Antivirus (HKLM\...\{87CA8C0A-D865-48B6-B521-B3DB1771D565}) (Version: 6.0.308.0 - ESET, spol s r. o.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
QuickBooks (x32 Version: 24.0.4008.2403 - Intuit Inc.) Hidden
QuickBooks File Doctor (HKLM-x32\...\{5EF6FF75-C1F4-44D3-9A63-10257B30312A}) (Version: 3.6.3 - Intuit)
QuickBooks Premier: Professional Services Edition 2014 (HKLM-x32\...\{451580AA-4A25-4942-919F-5C6AE7DB14D4}) (Version: 24.0.4001.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickVPN Client (HKLM-x32\...\{5C8AE145-C9F7-4883-9750-7ECD2B41CCCA}) (Version: 1.4.2.1 - Cisco  Small Business)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RingCentral Softphone (HKLM-x32\...\{52F10407-8CF3-4EEB-8D4A-9AA02AE861FC}) (Version: 6.04.001.50 - RingCentral, Inc)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 28.1.83040 - Sonos, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TheraScribe 5 (HKLM-x32\...\{FD1A5385-FFF8-4139-B594-1935CF1B4BE9}_is1) (Version: 5.2.13156.0 - John Wiley & Sons)
TheraScribe 5 (HKLM-x32\...\TheraScribe 5) (Version:  - John Wiley & Sons)
TheraScribe 5 (x32 Version: 5 - John Wiley & Sons) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8081.48 MB
Available physical RAM: 5480.94 MB
Total Pagefile: 16161.13 MB
Available Pagefile: 13729.12 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.4 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:1862.82 GB) (Free:1740.9 GB) NTFS

========================= Users: ========================================

User accounts for \\SANCTUARYTWR01

Administrator            Guest                    Heather                 
Hollie                   Oriana                   QBDataServiceUser24     
RPA                      Sanctuary Tower 01       Sonos                   
Trish                   

**** End of log ****

 

 

 

16:22:34.0503 0x1998  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
16:22:39.0281 0x1998  ============================================================
16:22:39.0281 0x1998  Current date / time: 2015/01/03 16:22:39.0281
16:22:39.0281 0x1998  SystemInfo:
16:22:39.0281 0x1998 
16:22:39.0281 0x1998  OS Version: 6.1.7601 ServicePack: 1.0
16:22:39.0281 0x1998  Product type: Workstation
16:22:39.0281 0x1998  ComputerName: SANCTUARYTWR01
16:22:39.0282 0x1998  UserName: RPA
16:22:39.0282 0x1998  Windows directory: C:\Windows
16:22:39.0282 0x1998  System windows directory: C:\Windows
16:22:39.0282 0x1998  Running under WOW64
16:22:39.0282 0x1998  Processor architecture: Intel x64
16:22:39.0282 0x1998  Number of processors: 4
16:22:39.0282 0x1998  Page size: 0x1000
16:22:39.0282 0x1998  Boot type: Normal boot
16:22:39.0282 0x1998  ============================================================
16:22:41.0685 0x1998  KLMD registered as C:\Windows\system32\drivers\63886722.sys
16:22:42.0056 0x1998  System UUID: {C314793C-E2EC-6663-605F-0B23B4A6F00C}
16:22:42.0507 0x1998  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:42.0586 0x1998  ============================================================
16:22:42.0586 0x1998  \Device\Harddisk0\DR0:
16:22:42.0586 0x1998  MBR partitions:
16:22:42.0586 0x1998  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
16:22:42.0586 0x1998  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0xE8DA38B0
16:22:42.0586 0x1998  ============================================================
16:22:42.0606 0x1998  C: <-> \Device\Harddisk0\DR0\Partition2
16:22:42.0606 0x1998  ============================================================
16:22:42.0607 0x1998  Initialize success
16:22:42.0607 0x1998  ============================================================
16:22:54.0531 0x1e48  ============================================================
16:22:54.0531 0x1e48  Scan started
16:22:54.0531 0x1e48  Mode: Manual;
16:22:54.0531 0x1e48  ============================================================
16:22:54.0531 0x1e48  KSN ping started
16:22:57.0135 0x1e48  KSN ping finished: true
16:22:59.0716 0x1e48  ================ Scan system memory ========================
16:22:59.0716 0x1e48  System memory - ok
16:22:59.0717 0x1e48  ================ Scan services =============================
16:22:59.0808 0x1e48  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:22:59.0817 0x1e48  1394ohci - ok
16:22:59.0865 0x1e48  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:22:59.0876 0x1e48  ACPI - ok
16:22:59.0886 0x1e48  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:22:59.0888 0x1e48  AcpiPmi - ok
16:22:59.0993 0x1e48  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:22:59.0997 0x1e48  AdobeARMservice - ok
16:23:00.0065 0x1e48  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:23:00.0074 0x1e48  AdobeFlashPlayerUpdateSvc - ok
16:23:00.0105 0x1e48  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:23:00.0122 0x1e48  adp94xx - ok
16:23:00.0137 0x1e48  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:23:00.0146 0x1e48  adpahci - ok
16:23:00.0159 0x1e48  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:23:00.0163 0x1e48  adpu320 - ok
16:23:00.0179 0x1e48  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:23:00.0182 0x1e48  AeLookupSvc - ok
16:23:00.0218 0x1e48  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:23:00.0229 0x1e48  AFD - ok
16:23:00.0239 0x1e48  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:23:00.0241 0x1e48  agp440 - ok
16:23:00.0246 0x1e48  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:23:00.0248 0x1e48  ALG - ok
16:23:00.0292 0x1e48  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:23:00.0294 0x1e48  aliide - ok
16:23:00.0303 0x1e48  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:23:00.0306 0x1e48  amdide - ok
16:23:00.0330 0x1e48  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:23:00.0334 0x1e48  AmdK8 - ok
16:23:00.0352 0x1e48  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:23:00.0355 0x1e48  AmdPPM - ok
16:23:00.0370 0x1e48  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:23:00.0375 0x1e48  amdsata - ok
16:23:00.0396 0x1e48  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:23:00.0403 0x1e48  amdsbs - ok
16:23:00.0415 0x1e48  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:23:00.0418 0x1e48  amdxata - ok
16:23:00.0432 0x1e48  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:23:00.0435 0x1e48  AppID - ok
16:23:00.0446 0x1e48  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:23:00.0449 0x1e48  AppIDSvc - ok
16:23:00.0489 0x1e48  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:23:00.0493 0x1e48  Appinfo - ok
16:23:00.0549 0x1e48  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:23:00.0568 0x1e48  Apple Mobile Device - ok
16:23:00.0590 0x1e48  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:23:00.0597 0x1e48  AppMgmt - ok
16:23:00.0610 0x1e48  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:23:00.0615 0x1e48  arc - ok
16:23:00.0631 0x1e48  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:23:00.0636 0x1e48  arcsas - ok
16:23:00.0752 0x1e48  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:23:00.0755 0x1e48  aspnet_state - ok
16:23:00.0777 0x1e48  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:23:00.0780 0x1e48  AsyncMac - ok
16:23:00.0803 0x1e48  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:23:00.0805 0x1e48  atapi - ok
16:23:00.0866 0x1e48  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:23:00.0885 0x1e48  AudioEndpointBuilder - ok
16:23:00.0898 0x1e48  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:23:00.0907 0x1e48  AudioSrv - ok
16:23:00.0916 0x1e48  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:23:00.0920 0x1e48  AxInstSV - ok
16:23:00.0941 0x1e48  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:23:00.0949 0x1e48  b06bdrv - ok
16:23:00.0967 0x1e48  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:23:00.0972 0x1e48  b57nd60a - ok
16:23:00.0982 0x1e48  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:23:00.0989 0x1e48  BDESVC - ok
16:23:01.0000 0x1e48  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:23:01.0011 0x1e48  Beep - ok
16:23:01.0049 0x1e48  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:23:01.0066 0x1e48  BFE - ok
16:23:01.0096 0x1e48  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
16:23:01.0125 0x1e48  BITS - ok
16:23:01.0136 0x1e48  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:23:01.0138 0x1e48  blbdrive - ok
16:23:01.0207 0x1e48  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:23:01.0219 0x1e48  Bonjour Service - ok
16:23:01.0237 0x1e48  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:23:01.0240 0x1e48  bowser - ok
16:23:01.0259 0x1e48  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:23:01.0262 0x1e48  BrFiltLo - ok
16:23:01.0275 0x1e48  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:23:01.0277 0x1e48  BrFiltUp - ok
16:23:01.0292 0x1e48  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:23:01.0296 0x1e48  BridgeMP - ok
16:23:01.0315 0x1e48  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:23:01.0320 0x1e48  Browser - ok
16:23:01.0332 0x1e48  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:23:01.0342 0x1e48  Brserid - ok
16:23:01.0359 0x1e48  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:23:01.0362 0x1e48  BrSerWdm - ok
16:23:01.0373 0x1e48  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:23:01.0375 0x1e48  BrUsbMdm - ok
16:23:01.0385 0x1e48  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:23:01.0387 0x1e48  BrUsbSer - ok
16:23:01.0409 0x1e48  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:23:01.0412 0x1e48  BTHMODEM - ok
16:23:01.0436 0x1e48  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:23:01.0440 0x1e48  bthserv - ok
16:23:01.0646 0x1e48  [ 75D8FEFCE357EFBDFAFB8011CC5A49D8, F8A952839DF9049FE04D9DE07F9ABC9AB156565B7806FC60F5877311FD31B80B ] CCNAgent        C:\Program Files (x86)\CCleaner Network\Endpoint Agent\CCNAgent_2.06.4023.exe
16:23:01.0814 0x1e48  CCNAgent - ok
16:23:01.0830 0x1e48  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:23:01.0833 0x1e48  cdfs - ok
16:23:01.0861 0x1e48  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:23:01.0864 0x1e48  cdrom - ok
16:23:01.0874 0x1e48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:23:01.0877 0x1e48  CertPropSvc - ok
16:23:01.0889 0x1e48  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:23:01.0891 0x1e48  circlass - ok
16:23:01.0905 0x1e48  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:23:01.0911 0x1e48  CLFS - ok
16:23:02.0035 0x1e48  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:23:02.0077 0x1e48  ClickToRunSvc - ok
16:23:02.0136 0x1e48  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:23:02.0140 0x1e48  clr_optimization_v2.0.50727_32 - ok
16:23:02.0165 0x1e48  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:23:02.0169 0x1e48  clr_optimization_v2.0.50727_64 - ok
16:23:02.0257 0x1e48  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:23:02.0262 0x1e48  clr_optimization_v4.0.30319_32 - ok
16:23:02.0275 0x1e48  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:23:02.0282 0x1e48  clr_optimization_v4.0.30319_64 - ok
16:23:02.0294 0x1e48  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:23:02.0297 0x1e48  CmBatt - ok
16:23:02.0339 0x1e48  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:23:02.0342 0x1e48  cmdide - ok
16:23:02.0408 0x1e48  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:23:02.0422 0x1e48  CNG - ok
16:23:02.0438 0x1e48  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:23:02.0440 0x1e48  Compbatt - ok
16:23:02.0454 0x1e48  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:23:02.0457 0x1e48  CompositeBus - ok
16:23:02.0461 0x1e48  COMSysApp - ok
16:23:02.0497 0x1e48  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:23:02.0506 0x1e48  cphs - ok
16:23:02.0521 0x1e48  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:23:02.0524 0x1e48  crcdisk - ok
16:23:02.0567 0x1e48  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:23:02.0574 0x1e48  CryptSvc - ok
16:23:02.0611 0x1e48  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:23:02.0625 0x1e48  CSC - ok
16:23:02.0652 0x1e48  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:23:02.0666 0x1e48  CscService - ok
16:23:02.0697 0x1e48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:23:02.0714 0x1e48  DcomLaunch - ok
16:23:02.0749 0x1e48  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:23:02.0760 0x1e48  defragsvc - ok
16:23:02.0780 0x1e48  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:23:02.0784 0x1e48  DfsC - ok
16:23:02.0801 0x1e48  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:23:02.0811 0x1e48  Dhcp - ok
16:23:02.0825 0x1e48  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:23:02.0828 0x1e48  discache - ok
16:23:02.0844 0x1e48  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:23:02.0848 0x1e48  Disk - ok
16:23:02.0867 0x1e48  dldt_device - ok
16:23:02.0885 0x1e48  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:23:02.0888 0x1e48  dmvsc - ok
16:23:02.0911 0x1e48  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:23:02.0917 0x1e48  Dnscache - ok
16:23:02.0928 0x1e48  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:23:02.0937 0x1e48  dot3svc - ok
16:23:02.0951 0x1e48  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:23:02.0955 0x1e48  DPS - ok
16:23:02.0987 0x1e48  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:23:02.0989 0x1e48  drmkaud - ok
16:23:03.0056 0x1e48  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:23:03.0078 0x1e48  DXGKrnl - ok
16:23:03.0107 0x1e48  [ 78A3903702B7535154F56685CA1517D4, FAA277491EA02EBA5C580D837A1526E77FA776632EFF73E433C9A852367BADDE ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
16:23:03.0111 0x1e48  eamonm - ok
16:23:03.0124 0x1e48  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:23:03.0128 0x1e48  EapHost - ok
16:23:03.0215 0x1e48  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:23:03.0276 0x1e48  ebdrv - ok
16:23:03.0318 0x1e48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
16:23:03.0322 0x1e48  EFS - ok
16:23:03.0344 0x1e48  [ 9E39134330C18CBAC0F24C1283701D7E, 6F6B2AB6CD1932216BA516F4DE8316BE9625CFAF602522A99F77351A538E5799 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
16:23:03.0350 0x1e48  ehdrv - ok
16:23:03.0398 0x1e48  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:23:03.0412 0x1e48  ehRecvr - ok
16:23:03.0422 0x1e48  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:23:03.0435 0x1e48  ehSched - ok
16:23:03.0509 0x1e48  [ 501C1787CA4FAC7F6E9F585E96EB2FAC, 63FCF49D245BE2DB83F6C2D77F2946455969A6D51F5398D715DC847C03AB6468 ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
16:23:03.0535 0x1e48  ekrn - ok
16:23:03.0560 0x1e48  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:23:03.0569 0x1e48  elxstor - ok
16:23:03.0579 0x1e48  [ B4E8DC817963B256537B1EC09AF0647E, 8171A0A378C32D9B61D9276EE982DEE4A3136322F40100B7AAEEA3C6AC98AF67 ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
16:23:03.0582 0x1e48  epfwwfpr - ok
16:23:03.0600 0x1e48  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:23:03.0602 0x1e48  ErrDev - ok
16:23:03.0620 0x1e48  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:23:03.0628 0x1e48  EventSystem - ok
16:23:03.0651 0x1e48  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:23:03.0682 0x1e48  exfat - ok
16:23:03.0698 0x1e48  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:23:03.0702 0x1e48  fastfat - ok
16:23:03.0727 0x1e48  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:23:03.0740 0x1e48  Fax - ok
16:23:03.0751 0x1e48  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:23:03.0755 0x1e48  fdc - ok
16:23:03.0772 0x1e48  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:23:03.0773 0x1e48  fdPHost - ok
16:23:03.0780 0x1e48  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:23:03.0782 0x1e48  FDResPub - ok
16:23:03.0786 0x1e48  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:23:03.0788 0x1e48  FileInfo - ok
16:23:03.0791 0x1e48  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:23:03.0792 0x1e48  Filetrace - ok
16:23:03.0799 0x1e48  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:23:03.0801 0x1e48  flpydisk - ok
16:23:03.0819 0x1e48  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:23:03.0824 0x1e48  FltMgr - ok
16:23:03.0860 0x1e48  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:23:03.0880 0x1e48  FontCache - ok
16:23:03.0906 0x1e48  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:23:03.0908 0x1e48  FontCache3.0.0.0 - ok
16:23:03.0923 0x1e48  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:23:03.0926 0x1e48  FsDepends - ok
16:23:03.0950 0x1e48  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:23:03.0952 0x1e48  Fs_Rec - ok
16:23:04.0002 0x1e48  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:23:04.0010 0x1e48  fvevol - ok
16:23:04.0024 0x1e48  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:23:04.0027 0x1e48  gagp30kx - ok
16:23:04.0073 0x1e48  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:23:04.0076 0x1e48  GEARAspiWDM - ok
16:23:04.0106 0x1e48  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:23:04.0126 0x1e48  gpsvc - ok
16:23:04.0205 0x1e48  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:23:04.0209 0x1e48  gupdate - ok
16:23:04.0215 0x1e48  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:23:04.0219 0x1e48  gupdatem - ok
16:23:04.0235 0x1e48  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:23:04.0237 0x1e48  hcw85cir - ok
16:23:04.0270 0x1e48  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:23:04.0282 0x1e48  HdAudAddService - ok
16:23:04.0298 0x1e48  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:23:04.0303 0x1e48  HDAudBus - ok
16:23:04.0318 0x1e48  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:23:04.0321 0x1e48  HidBatt - ok
16:23:04.0332 0x1e48  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:23:04.0337 0x1e48  HidBth - ok
16:23:04.0348 0x1e48  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:23:04.0352 0x1e48  HidIr - ok
16:23:04.0362 0x1e48  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
16:23:04.0365 0x1e48  hidserv - ok
16:23:04.0422 0x1e48  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:23:04.0425 0x1e48  HidUsb - ok
16:23:04.0445 0x1e48  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:23:04.0450 0x1e48  hkmsvc - ok
16:23:04.0465 0x1e48  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:23:04.0474 0x1e48  HomeGroupListener - ok
16:23:04.0499 0x1e48  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:23:04.0506 0x1e48  HomeGroupProvider - ok
16:23:04.0522 0x1e48  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:23:04.0526 0x1e48  HpSAMD - ok
16:23:04.0568 0x1e48  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:23:04.0585 0x1e48  HTTP - ok
16:23:04.0592 0x1e48  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:23:04.0593 0x1e48  hwpolicy - ok
16:23:04.0606 0x1e48  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:23:04.0610 0x1e48  i8042prt - ok
16:23:04.0647 0x1e48  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
16:23:04.0662 0x1e48  iaStor - ok
16:23:04.0701 0x1e48  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:23:04.0703 0x1e48  IAStorDataMgrSvc - ok
16:23:04.0724 0x1e48  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:23:04.0735 0x1e48  iaStorV - ok
16:23:04.0799 0x1e48  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:23:04.0819 0x1e48  idsvc - ok
16:23:04.0830 0x1e48  IEEtwCollectorService - ok
16:23:04.0948 0x1e48  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:23:05.0068 0x1e48  igfx - ok
16:23:05.0080 0x1e48  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:23:05.0082 0x1e48  iirsp - ok
16:23:05.0132 0x1e48  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:23:05.0149 0x1e48  IKEEXT - ok
16:23:05.0275 0x1e48  [ 150AC23F21DBDBF8488408BA944B0D65, 77A3A0FB5208AA061224CFACC4D136A260132CC4BA01D105AE1532B749968708 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:23:05.0364 0x1e48  IntcAzAudAddService - ok
16:23:05.0406 0x1e48  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:23:05.0412 0x1e48  IntcDAud - ok
16:23:05.0418 0x1e48  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:23:05.0419 0x1e48  intelide - ok
16:23:05.0442 0x1e48  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:23:05.0444 0x1e48  intelppm - ok
16:23:05.0474 0x1e48  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:23:05.0480 0x1e48  IPBusEnum - ok
16:23:05.0497 0x1e48  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:23:05.0501 0x1e48  IpFilterDriver - ok
16:23:05.0542 0x1e48  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:23:05.0560 0x1e48  iphlpsvc - ok
16:23:05.0576 0x1e48  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:23:05.0579 0x1e48  IPMIDRV - ok
16:23:05.0594 0x1e48  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:23:05.0600 0x1e48  IPNAT - ok
16:23:05.0637 0x1e48  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:23:05.0655 0x1e48  iPod Service - ok
16:23:05.0658 0x1e48  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:23:05.0659 0x1e48  IRENUM - ok
16:23:05.0669 0x1e48  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:23:05.0671 0x1e48  isapnp - ok
16:23:05.0693 0x1e48  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:23:05.0698 0x1e48  iScsiPrt - ok
16:23:05.0709 0x1e48  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:23:05.0711 0x1e48  kbdclass - ok
16:23:05.0721 0x1e48  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:23:05.0723 0x1e48  kbdhid - ok
16:23:05.0743 0x1e48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
16:23:05.0744 0x1e48  KeyIso - ok
16:23:05.0780 0x1e48  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:23:05.0786 0x1e48  KSecDD - ok
16:23:05.0825 0x1e48  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:23:05.0831 0x1e48  KSecPkg - ok
16:23:05.0840 0x1e48  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:23:05.0843 0x1e48  ksthunk - ok
16:23:05.0866 0x1e48  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:23:05.0887 0x1e48  KtmRm - ok
16:23:05.0911 0x1e48  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:23:05.0918 0x1e48  LanmanServer - ok
16:23:05.0934 0x1e48  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:23:05.0939 0x1e48  LanmanWorkstation - ok
16:23:05.0964 0x1e48  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:23:05.0967 0x1e48  lltdio - ok
16:23:05.0985 0x1e48  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:23:05.0993 0x1e48  lltdsvc - ok
16:23:06.0006 0x1e48  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:23:06.0008 0x1e48  lmhosts - ok
16:23:06.0028 0x1e48  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:23:06.0032 0x1e48  LSI_FC - ok
16:23:06.0044 0x1e48  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:23:06.0048 0x1e48  LSI_SAS - ok
16:23:06.0057 0x1e48  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:23:06.0060 0x1e48  LSI_SAS2 - ok
16:23:06.0076 0x1e48  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:23:06.0081 0x1e48  LSI_SCSI - ok
16:23:06.0092 0x1e48  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:23:06.0096 0x1e48  luafv - ok
16:23:06.0113 0x1e48  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:23:06.0118 0x1e48  Mcx2Svc - ok
16:23:06.0131 0x1e48  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:23:06.0133 0x1e48  megasas - ok
16:23:06.0146 0x1e48  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:23:06.0153 0x1e48  MegaSR - ok
16:23:06.0170 0x1e48  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
16:23:06.0172 0x1e48  MEIx64 - ok
16:23:06.0180 0x1e48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:23:06.0183 0x1e48  MMCSS - ok
16:23:06.0193 0x1e48  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:23:06.0196 0x1e48  Modem - ok
16:23:06.0210 0x1e48  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:23:06.0212 0x1e48  monitor - ok
16:23:06.0226 0x1e48  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:23:06.0229 0x1e48  mouclass - ok
16:23:06.0236 0x1e48  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:23:06.0238 0x1e48  mouhid - ok
16:23:06.0248 0x1e48  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:23:06.0252 0x1e48  mountmgr - ok
16:23:06.0265 0x1e48  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:23:06.0270 0x1e48  mpio - ok
16:23:06.0303 0x1e48  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:23:06.0307 0x1e48  mpsdrv - ok
16:23:06.0340 0x1e48  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:23:06.0361 0x1e48  MpsSvc - ok
16:23:06.0395 0x1e48  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:23:06.0399 0x1e48  MRxDAV - ok
16:23:06.0421 0x1e48  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:23:06.0427 0x1e48  mrxsmb - ok
16:23:06.0450 0x1e48  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:23:06.0460 0x1e48  mrxsmb10 - ok
16:23:06.0473 0x1e48  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:23:06.0479 0x1e48  mrxsmb20 - ok
16:23:06.0521 0x1e48  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:23:06.0525 0x1e48  msahci - ok
16:23:06.0607 0x1e48  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
16:23:06.0614 0x1e48  MSCamSvc - ok
16:23:06.0632 0x1e48  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:23:06.0636 0x1e48  msdsm - ok
16:23:06.0652 0x1e48  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:23:06.0658 0x1e48  MSDTC - ok
16:23:06.0677 0x1e48  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:23:06.0680 0x1e48  Msfs - ok
16:23:06.0686 0x1e48  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:23:06.0688 0x1e48  mshidkmdf - ok
16:23:06.0719 0x1e48  [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
16:23:06.0727 0x1e48  MSHUSBVideo - ok
16:23:06.0731 0x1e48  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:23:06.0732 0x1e48  msisadrv - ok
16:23:06.0745 0x1e48  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:23:06.0759 0x1e48  MSiSCSI - ok
16:23:06.0762 0x1e48  msiserver - ok
16:23:06.0772 0x1e48  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:23:06.0774 0x1e48  MSKSSRV - ok
16:23:06.0780 0x1e48  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:23:06.0781 0x1e48  MSPCLOCK - ok
16:23:06.0794 0x1e48  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:23:06.0795 0x1e48  MSPQM - ok
16:23:06.0816 0x1e48  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:23:06.0827 0x1e48  MsRPC - ok
16:23:06.0837 0x1e48  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:23:06.0839 0x1e48  mssmbios - ok
16:23:06.0854 0x1e48  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:23:06.0856 0x1e48  MSTEE - ok
16:23:06.0867 0x1e48  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:23:06.0869 0x1e48  MTConfig - ok
16:23:06.0878 0x1e48  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:23:06.0881 0x1e48  Mup - ok
16:23:06.0912 0x1e48  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:23:06.0927 0x1e48  napagent - ok
16:23:06.0958 0x1e48  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:23:06.0968 0x1e48  NativeWifiP - ok
16:23:07.0009 0x1e48  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:23:07.0034 0x1e48  NDIS - ok
16:23:07.0047 0x1e48  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:23:07.0049 0x1e48  NdisCap - ok
16:23:07.0063 0x1e48  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:23:07.0065 0x1e48  NdisTapi - ok
16:23:07.0084 0x1e48  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:23:07.0086 0x1e48  Ndisuio - ok
16:23:07.0096 0x1e48  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:23:07.0099 0x1e48  NdisWan - ok
16:23:07.0107 0x1e48  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:23:07.0109 0x1e48  NDProxy - ok
16:23:07.0116 0x1e48  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:23:07.0118 0x1e48  NetBIOS - ok
16:23:07.0133 0x1e48  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:23:07.0138 0x1e48  NetBT - ok
16:23:07.0144 0x1e48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
16:23:07.0145 0x1e48  Netlogon - ok
16:23:07.0155 0x1e48  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:23:07.0163 0x1e48  Netman - ok
16:23:07.0197 0x1e48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:07.0200 0x1e48  NetMsmqActivator - ok
16:23:07.0208 0x1e48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:07.0210 0x1e48  NetPipeActivator - ok
16:23:07.0228 0x1e48  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:23:07.0237 0x1e48  netprofm - ok
16:23:07.0270 0x1e48  [ 1982B291DF9833FB3ADC397EBD310A18, 09E97EE548218558625A49AC88BF761153E15F6F429DDCEE6B184590BAE6BC0A ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
16:23:07.0288 0x1e48  netr28x - ok
16:23:07.0293 0x1e48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:07.0295 0x1e48  NetTcpActivator - ok
16:23:07.0299 0x1e48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:07.0301 0x1e48  NetTcpPortSharing - ok
16:23:07.0329 0x1e48  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:23:07.0331 0x1e48  nfrd960 - ok
16:23:07.0351 0x1e48  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:23:07.0362 0x1e48  NlaSvc - ok
16:23:07.0376 0x1e48  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:23:07.0379 0x1e48  Npfs - ok
16:23:07.0387 0x1e48  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:23:07.0390 0x1e48  nsi - ok
16:23:07.0393 0x1e48  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:23:07.0394 0x1e48  nsiproxy - ok
16:23:07.0479 0x1e48  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:23:07.0507 0x1e48  Ntfs - ok
16:23:07.0519 0x1e48  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:23:07.0521 0x1e48  Null - ok
16:23:07.0538 0x1e48  [ 01266516E6E88D183A2B58722EEB4443, A49647084161A95DAD1B9D941C6A9AAC3B34CAA2C853D9DD65C046CEB7C6A004 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
16:23:07.0541 0x1e48  nusb3hub - ok
16:23:07.0555 0x1e48  [ 5EC04F55CC5F165F21752712437DF638, B59907C583E1FD9FA6D4747D696AB0E67A6D01969CC48E687DF6A8D51851847A ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
16:23:07.0559 0x1e48  nusb3xhc - ok
16:23:07.0573 0x1e48  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:23:07.0576 0x1e48  nvraid - ok
16:23:07.0601 0x1e48  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:23:07.0605 0x1e48  nvstor - ok
16:23:07.0629 0x1e48  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:23:07.0632 0x1e48  nv_agp - ok
16:23:07.0636 0x1e48  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:23:07.0638 0x1e48  ohci1394 - ok
16:23:07.0698 0x1e48  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:23:07.0704 0x1e48  ose - ok
16:23:07.0906 0x1e48  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:23:08.0031 0x1e48  osppsvc - ok
16:23:08.0056 0x1e48  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:23:08.0061 0x1e48  p2pimsvc - ok
16:23:08.0080 0x1e48  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:23:08.0088 0x1e48  p2psvc - ok
16:23:08.0102 0x1e48  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:23:08.0105 0x1e48  Parport - ok
16:23:08.0125 0x1e48  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:23:08.0128 0x1e48  partmgr - ok
16:23:08.0137 0x1e48  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:23:08.0142 0x1e48  PcaSvc - ok
16:23:08.0150 0x1e48  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:23:08.0154 0x1e48  pci - ok
16:23:08.0178 0x1e48  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:23:08.0180 0x1e48  pciide - ok
16:23:08.0197 0x1e48  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:23:08.0204 0x1e48  pcmcia - ok
16:23:08.0225 0x1e48  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:23:08.0227 0x1e48  pcw - ok
16:23:08.0251 0x1e48  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:23:08.0263 0x1e48  PEAUTH - ok
16:23:08.0302 0x1e48  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:23:08.0326 0x1e48  PeerDistSvc - ok
16:23:08.0358 0x1e48  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:23:08.0360 0x1e48  PerfHost - ok
16:23:08.0397 0x1e48  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:23:08.0423 0x1e48  pla - ok
16:23:08.0462 0x1e48  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:23:08.0470 0x1e48  PlugPlay - ok
16:23:08.0475 0x1e48  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:23:08.0477 0x1e48  PNRPAutoReg - ok
16:23:08.0486 0x1e48  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:23:08.0490 0x1e48  PNRPsvc - ok
16:23:08.0512 0x1e48  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:23:08.0522 0x1e48  PolicyAgent - ok
16:23:08.0540 0x1e48  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:23:08.0544 0x1e48  Power - ok
16:23:08.0558 0x1e48  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:23:08.0561 0x1e48  PptpMiniport - ok
16:23:08.0573 0x1e48  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:23:08.0579 0x1e48  Processor - ok
16:23:08.0602 0x1e48  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:23:08.0609 0x1e48  ProfSvc - ok
16:23:08.0620 0x1e48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:23:08.0622 0x1e48  ProtectedStorage - ok
16:23:08.0630 0x1e48  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:23:08.0633 0x1e48  Psched - ok
16:23:08.0689 0x1e48  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:23:08.0693 0x1e48  PxHlpa64 - ok
16:23:08.0782 0x1e48  [ 7C75107713DDE649101F7259A58839D8, 04EA0048A5E8723D33322AD8560658EBD8D4FEE5223F6956F23861CE79954A55 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
16:23:08.0784 0x1e48  QBCFMonitorService - ok
16:23:08.0899 0x1e48  [ 9EE9AA5D1FB3F3B99467A20B03B47C5D, 5C43150DF7FC7786DD7568219860BEC89460EE13889B37F01A6D15D4059EC146 ] QBFCService     C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
16:23:08.0903 0x1e48  QBFCService - ok
16:23:09.0027 0x1e48  [ 35D56CD097331F2563114DA5AA237ADF, A7A52687DDECC6C733FBA4D8F714068321AE9BE9FB92DD55DDA10BBAD7316DE6 ] QBVSS           C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
16:23:09.0065 0x1e48  QBVSS - ok
16:23:09.0113 0x1e48  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:23:09.0138 0x1e48  ql2300 - ok
16:23:09.0150 0x1e48  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:23:09.0154 0x1e48  ql40xx - ok
16:23:09.0196 0x1e48  QuickBooksDB24 - ok
16:23:09.0218 0x1e48  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:23:09.0227 0x1e48  QWAVE - ok
16:23:09.0235 0x1e48  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:23:09.0239 0x1e48  QWAVEdrv - ok
16:23:09.0247 0x1e48  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:23:09.0249 0x1e48  RasAcd - ok
16:23:09.0268 0x1e48  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:23:09.0271 0x1e48  RasAgileVpn - ok
16:23:09.0282 0x1e48  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:23:09.0288 0x1e48  RasAuto - ok
16:23:09.0299 0x1e48  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:23:09.0304 0x1e48  Rasl2tp - ok
16:23:09.0325 0x1e48  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:23:09.0338 0x1e48  RasMan - ok
16:23:09.0350 0x1e48  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:23:09.0353 0x1e48  RasPppoe - ok
16:23:09.0361 0x1e48  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:23:09.0364 0x1e48  RasSstp - ok
16:23:09.0375 0x1e48  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:23:09.0383 0x1e48  rdbss - ok
16:23:09.0396 0x1e48  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:23:09.0398 0x1e48  rdpbus - ok
16:23:09.0413 0x1e48  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:23:09.0415 0x1e48  RDPCDD - ok
16:23:09.0441 0x1e48  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:23:09.0445 0x1e48  RDPDR - ok
16:23:09.0458 0x1e48  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:23:09.0459 0x1e48  RDPENCDD - ok
16:23:09.0469 0x1e48  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:23:09.0470 0x1e48  RDPREFMP - ok
16:23:09.0524 0x1e48  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:23:09.0526 0x1e48  RdpVideoMiniport - ok
16:23:09.0570 0x1e48  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:23:09.0577 0x1e48  RDPWD - ok
16:23:09.0604 0x1e48  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:23:09.0611 0x1e48  rdyboost - ok
16:23:09.0634 0x1e48  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:23:09.0639 0x1e48  RemoteAccess - ok
16:23:09.0652 0x1e48  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:23:09.0658 0x1e48  RemoteRegistry - ok
16:23:09.0669 0x1e48  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:23:09.0673 0x1e48  RpcEptMapper - ok
16:23:09.0677 0x1e48  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:23:09.0679 0x1e48  RpcLocator - ok
16:23:09.0702 0x1e48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:23:09.0714 0x1e48  RpcSs - ok
16:23:09.0737 0x1e48  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:23:09.0740 0x1e48  rspndr - ok
16:23:09.0765 0x1e48  [ ED5873F7DFB2F96D37F13322211B6BDC, 26CAE8FD1CFDB568D6A881CDE973F9929013EB0403347E5D19CABAA215012381 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:23:09.0776 0x1e48  RTL8167 - ok
16:23:09.0784 0x1e48  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:23:09.0786 0x1e48  s3cap - ok
16:23:09.0795 0x1e48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
16:23:09.0796 0x1e48  SamSs - ok
16:23:09.0807 0x1e48  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:23:09.0811 0x1e48  sbp2port - ok
16:23:09.0822 0x1e48  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:23:09.0829 0x1e48  SCardSvr - ok
16:23:09.0838 0x1e48  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:23:09.0840 0x1e48  scfilter - ok
16:23:09.0874 0x1e48  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:23:09.0895 0x1e48  Schedule - ok
16:23:09.0918 0x1e48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:23:09.0920 0x1e48  SCPolicySvc - ok
16:23:09.0929 0x1e48  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:23:09.0933 0x1e48  SDRSVC - ok
16:23:09.0943 0x1e48  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:23:09.0945 0x1e48  secdrv - ok
16:23:09.0954 0x1e48  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:23:09.0956 0x1e48  seclogon - ok
16:23:09.0966 0x1e48  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
16:23:09.0969 0x1e48  SENS - ok
16:23:09.0972 0x1e48  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:23:09.0973 0x1e48  SensrSvc - ok
16:23:09.0984 0x1e48  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:23:09.0986 0x1e48  Serenum - ok
16:23:09.0994 0x1e48  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:23:09.0997 0x1e48  Serial - ok
16:23:10.0010 0x1e48  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:23:10.0011 0x1e48  sermouse - ok
16:23:10.0018 0x1e48  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:23:10.0021 0x1e48  SessionEnv - ok
16:23:10.0026 0x1e48  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:23:10.0028 0x1e48  sffdisk - ok
16:23:10.0038 0x1e48  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:23:10.0040 0x1e48  sffp_mmc - ok
16:23:10.0050 0x1e48  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:23:10.0052 0x1e48  sffp_sd - ok
16:23:10.0059 0x1e48  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:23:10.0061 0x1e48  sfloppy - ok
16:23:10.0090 0x1e48  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:23:10.0098 0x1e48  SharedAccess - ok
16:23:10.0114 0x1e48  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:23:10.0122 0x1e48  ShellHWDetection - ok
16:23:10.0130 0x1e48  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:23:10.0131 0x1e48  SiSRaid2 - ok
16:23:10.0146 0x1e48  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:23:10.0148 0x1e48  SiSRaid4 - ok
16:23:10.0160 0x1e48  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:23:10.0163 0x1e48  Smb - ok
16:23:10.0175 0x1e48  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:23:10.0177 0x1e48  SNMPTRAP - ok
16:23:10.0184 0x1e48  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:23:10.0190 0x1e48  spldr - ok
16:23:10.0216 0x1e48  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:23:10.0227 0x1e48  Spooler - ok
16:23:10.0295 0x1e48  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:23:10.0363 0x1e48  sppsvc - ok
16:23:10.0377 0x1e48  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:23:10.0381 0x1e48  sppuinotify - ok
16:23:10.0406 0x1e48  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:23:10.0414 0x1e48  srv - ok
16:23:10.0427 0x1e48  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:23:10.0434 0x1e48  srv2 - ok
16:23:10.0447 0x1e48  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:23:10.0451 0x1e48  srvnet - ok
16:23:10.0466 0x1e48  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:23:10.0470 0x1e48  SSDPSRV - ok
16:23:10.0477 0x1e48  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:23:10.0480 0x1e48  SstpSvc - ok
16:23:10.0493 0x1e48  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:23:10.0494 0x1e48  stexstor - ok
16:23:10.0515 0x1e48  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:23:10.0525 0x1e48  stisvc - ok
16:23:10.0537 0x1e48  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:23:10.0539 0x1e48  storflt - ok
16:23:10.0555 0x1e48  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:23:10.0557 0x1e48  StorSvc - ok
16:23:10.0566 0x1e48  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:23:10.0568 0x1e48  storvsc - ok
16:23:10.0578 0x1e48  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:23:10.0579 0x1e48  swenum - ok
16:23:10.0596 0x1e48  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:23:10.0606 0x1e48  swprv - ok
16:23:10.0649 0x1e48  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:23:10.0679 0x1e48  SysMain - ok
16:23:10.0693 0x1e48  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:23:10.0697 0x1e48  TabletInputService - ok
16:23:10.0710 0x1e48  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:23:10.0717 0x1e48  TapiSrv - ok
16:23:10.0729 0x1e48  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:23:10.0731 0x1e48  TBS - ok
16:23:10.0783 0x1e48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:23:10.0815 0x1e48  Tcpip - ok
16:23:10.0849 0x1e48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:23:10.0873 0x1e48  TCPIP6 - ok
16:23:10.0895 0x1e48  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:23:10.0896 0x1e48  tcpipreg - ok
16:23:10.0913 0x1e48  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:23:10.0915 0x1e48  TDPIPE - ok
16:23:10.0928 0x1e48  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:23:10.0930 0x1e48  TDTCP - ok
16:23:10.0969 0x1e48  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:23:10.0979 0x1e48  tdx - ok
16:23:10.0988 0x1e48  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:23:10.0991 0x1e48  TermDD - ok
16:23:11.0022 0x1e48  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:23:11.0040 0x1e48  TermService - ok
16:23:11.0048 0x1e48  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:23:11.0052 0x1e48  Themes - ok
16:23:11.0064 0x1e48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:23:11.0066 0x1e48  THREADORDER - ok
16:23:11.0075 0x1e48  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:23:11.0079 0x1e48  TrkWks - ok
16:23:11.0094 0x1e48  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:23:11.0098 0x1e48  TrustedInstaller - ok
16:23:11.0129 0x1e48  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:23:11.0131 0x1e48  tssecsrv - ok
16:23:11.0177 0x1e48  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:23:11.0180 0x1e48  TsUsbFlt - ok
16:23:11.0197 0x1e48  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:23:11.0200 0x1e48  TsUsbGD - ok
16:23:11.0225 0x1e48  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:23:11.0230 0x1e48  tunnel - ok
16:23:11.0251 0x1e48  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:23:11.0254 0x1e48  uagp35 - ok
16:23:11.0272 0x1e48  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:23:11.0284 0x1e48  udfs - ok
16:23:11.0299 0x1e48  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:23:11.0339 0x1e48  UI0Detect - ok
16:23:11.0453 0x1e48  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:23:11.0480 0x1e48  uliagpkx - ok
16:23:11.0536 0x1e48  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:23:11.0539 0x1e48  umbus - ok
16:23:11.0553 0x1e48  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:23:11.0555 0x1e48  UmPass - ok
16:23:11.0574 0x1e48  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:23:11.0583 0x1e48  UmRdpService - ok
16:23:11.0604 0x1e48  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:23:11.0617 0x1e48  upnphost - ok
16:23:11.0644 0x1e48  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:23:11.0646 0x1e48  USBAAPL64 - ok
16:23:11.0677 0x1e48  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:23:11.0683 0x1e48  usbaudio - ok
16:23:11.0704 0x1e48  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:23:11.0707 0x1e48  usbccgp - ok
16:23:11.0753 0x1e48  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:23:11.0759 0x1e48  usbcir - ok
16:23:11.0773 0x1e48  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:23:11.0776 0x1e48  usbehci - ok
16:23:11.0794 0x1e48  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:23:11.0803 0x1e48  usbhub - ok
16:23:11.0814 0x1e48  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:23:11.0815 0x1e48  usbohci - ok
16:23:11.0825 0x1e48  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:23:11.0827 0x1e48  usbprint - ok
16:23:11.0831 0x1e48  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:23:11.0834 0x1e48  USBSTOR - ok
16:23:11.0840 0x1e48  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:23:11.0841 0x1e48  usbuhci - ok
16:23:11.0862 0x1e48  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:23:11.0865 0x1e48  usbvideo - ok
16:23:11.0875 0x1e48  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:23:11.0878 0x1e48  UxSms - ok
16:23:11.0886 0x1e48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
16:23:11.0887 0x1e48  VaultSvc - ok
16:23:11.0896 0x1e48  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:23:11.0897 0x1e48  vdrvroot - ok
16:23:11.0915 0x1e48  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:23:11.0926 0x1e48  vds - ok
16:23:11.0934 0x1e48  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:23:11.0935 0x1e48  vga - ok
16:23:11.0941 0x1e48  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:23:11.0943 0x1e48  VgaSave - ok
16:23:11.0958 0x1e48  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:23:11.0963 0x1e48  vhdmp - ok
16:23:11.0974 0x1e48  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:23:11.0976 0x1e48  viaide - ok
16:23:11.0984 0x1e48  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:23:11.0989 0x1e48  vmbus - ok
16:23:12.0000 0x1e48  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:23:12.0003 0x1e48  VMBusHID - ok
16:23:12.0012 0x1e48  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:23:12.0014 0x1e48  volmgr - ok
16:23:12.0030 0x1e48  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:23:12.0037 0x1e48  volmgrx - ok
16:23:12.0050 0x1e48  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:23:12.0055 0x1e48  volsnap - ok
16:23:12.0065 0x1e48  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:23:12.0068 0x1e48  vsmraid - ok
16:23:12.0107 0x1e48  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:23:12.0133 0x1e48  VSS - ok
16:23:12.0145 0x1e48  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:23:12.0147 0x1e48  vwifibus - ok
16:23:12.0154 0x1e48  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:23:12.0156 0x1e48  vwififlt - ok
16:23:12.0174 0x1e48  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:23:12.0176 0x1e48  vwifimp - ok
16:23:12.0194 0x1e48  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:23:12.0201 0x1e48  W32Time - ok
16:23:12.0211 0x1e48  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:23:12.0213 0x1e48  WacomPen - ok
16:23:12.0224 0x1e48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:23:12.0227 0x1e48  WANARP - ok
16:23:12.0230 0x1e48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:23:12.0232 0x1e48  Wanarpv6 - ok
16:23:12.0277 0x1e48  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:23:12.0299 0x1e48  WatAdminSvc - ok
16:23:12.0337 0x1e48  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:23:12.0364 0x1e48  wbengine - ok
16:23:12.0386 0x1e48  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:23:12.0390 0x1e48  WbioSrvc - ok
16:23:12.0407 0x1e48  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:23:12.0415 0x1e48  wcncsvc - ok
16:23:12.0424 0x1e48  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:23:12.0427 0x1e48  WcsPlugInService - ok
16:23:12.0440 0x1e48  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:23:12.0441 0x1e48  Wd - ok
16:23:12.0484 0x1e48  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:23:12.0498 0x1e48  Wdf01000 - ok
16:23:12.0518 0x1e48  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:23:12.0521 0x1e48  WdiServiceHost - ok
16:23:12.0524 0x1e48  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:23:12.0526 0x1e48  WdiSystemHost - ok
16:23:12.0569 0x1e48  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:23:12.0579 0x1e48  WebClient - ok
16:23:12.0596 0x1e48  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:23:12.0605 0x1e48  Wecsvc - ok
16:23:12.0615 0x1e48  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:23:12.0620 0x1e48  wercplsupport - ok
16:23:12.0632 0x1e48  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:23:12.0638 0x1e48  WerSvc - ok
16:23:12.0651 0x1e48  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:23:12.0654 0x1e48  WfpLwf - ok
16:23:12.0669 0x1e48  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:23:12.0672 0x1e48  WIMMount - ok
16:23:12.0685 0x1e48  WinDefend - ok
16:23:12.0694 0x1e48  WinHttpAutoProxySvc - ok
16:23:12.0736 0x1e48  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:23:12.0744 0x1e48  Winmgmt - ok
16:23:12.0830 0x1e48  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:23:12.0864 0x1e48  WinRM - ok
16:23:12.0891 0x1e48  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:23:12.0893 0x1e48  WinUsb - ok
16:23:12.0934 0x1e48  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:23:12.0952 0x1e48  Wlansvc - ok
16:23:12.0989 0x1e48  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:23:12.0991 0x1e48  wlcrasvc - ok
16:23:13.0050 0x1e48  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:23:13.0099 0x1e48  wlidsvc - ok
16:23:13.0120 0x1e48  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:23:13.0121 0x1e48  WmiAcpi - ok
16:23:13.0136 0x1e48  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:23:13.0140 0x1e48  wmiApSrv - ok
16:23:13.0143 0x1e48  WMPNetworkSvc - ok
16:23:13.0153 0x1e48  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:23:13.0156 0x1e48  WPCSvc - ok
16:23:13.0167 0x1e48  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:23:13.0172 0x1e48  WPDBusEnum - ok
16:23:13.0174 0x1e48  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:23:13.0175 0x1e48  ws2ifsl - ok
16:23:13.0190 0x1e48  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
16:23:13.0194 0x1e48  wscsvc - ok
16:23:13.0210 0x1e48  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
16:23:13.0212 0x1e48  WSDPrintDevice - ok
16:23:13.0219 0x1e48  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
16:23:13.0221 0x1e48  WSDScan - ok
16:23:13.0223 0x1e48  WSearch - ok
16:23:13.0326 0x1e48  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:23:13.0375 0x1e48  wuauserv - ok
16:23:13.0388 0x1e48  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:23:13.0391 0x1e48  WudfPf - ok
16:23:13.0405 0x1e48  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:23:13.0427 0x1e48  WUDFRd - ok
16:23:13.0438 0x1e48  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:23:13.0441 0x1e48  wudfsvc - ok
16:23:13.0491 0x1e48  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:23:13.0500 0x1e48  WwanSvc - ok
16:23:13.0513 0x1e48  ================ Scan global ===============================
16:23:13.0537 0x1e48  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:23:13.0569 0x1e48  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:13.0581 0x1e48  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:13.0594 0x1e48  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:23:13.0621 0x1e48  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:23:13.0629 0x1e48  [ Global ] - ok
16:23:13.0630 0x1e48  ================ Scan MBR ==================================
16:23:13.0639 0x1e48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:23:13.0787 0x1e48  \Device\Harddisk0\DR0 - ok
16:23:13.0788 0x1e48  ================ Scan VBR ==================================
16:23:13.0790 0x1e48  [ 35220977979DBE848392C6BD91C79B6C ] \Device\Harddisk0\DR0\Partition1
16:23:13.0853 0x1e48  \Device\Harddisk0\DR0\Partition1 - ok
16:23:13.0885 0x1e48  [ 706A9E1A1948DDACF8059EA76086A662 ] \Device\Harddisk0\DR0\Partition2
16:23:13.0953 0x1e48  \Device\Harddisk0\DR0\Partition2 - ok
16:23:13.0953 0x1e48  ================ Scan generic autorun ======================
16:23:14.0257 0x1e48  [ D007799BCE71206A5783DD510D4BC36A, 393AB1CC0EADE8E2F8D424088539D2C810B9814EF547F1CD3292B9EAB655683F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:23:14.0506 0x1e48  RTHDVCPL - ok
16:23:14.0540 0x1e48  [ BE49AF92F13030E188DBE8E2841D173A, AFC312A888F63D34E4F4E27A3FF50D5569BCAF0DD061671CC661E778FEC02EEB ] C:\Windows\system32\igfxtray.exe
16:23:14.0544 0x1e48  IgfxTray - ok
16:23:14.0560 0x1e48  [ 664FF61BE83FCACBF67A8D307011ADF5, B5270D13A355002336D25C092C042CA8E36795D23EB81134418BB2A8ABFBDF66 ] C:\Windows\system32\hkcmd.exe
16:23:14.0567 0x1e48  HotKeysCmds - ok
16:23:14.0588 0x1e48  [ 899D435E1C190C204E349CE0E483098B, FC6E84D7A382FBCBF3B2DAA4B75BD78F447359F314C1CD4424759E2EC97FD2DE ] C:\Windows\system32\igfxpers.exe
16:23:14.0595 0x1e48  Persistence - ok
16:23:14.0760 0x1e48  [ 14D551ECD8C26A581EB41E0E431EBF0C, 06A84C6EDF754B5579B779EE6921289A51AD2C3F27574DF7870715590168DCFF ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
16:23:14.0891 0x1e48  egui - ok
16:23:15.0023 0x1e48  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:23:15.0040 0x1e48  AdobeAAMUpdater-1.0 - ok
16:23:15.0058 0x1e48  [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
16:23:15.0063 0x1e48  IAStorIcon - ok
16:23:15.0083 0x1e48  [ AE797B72D85E87D403FC11135507922C, F4FC1E5B9EA2DAB6CDF7FDEE279F7902D3A7832A8EE8CADEDE71E6A2F11FA938 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
16:23:15.0085 0x1e48  NUSB3MON - ok
16:23:15.0126 0x1e48  [ 0133E5265FDD7063F87856C9BD5156C9, 27C0389B3FA0209C6B4D1A8A75AAD23525DD3B5DB7B0CD7358D1D6417818C8EF ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
16:23:15.0130 0x1e48  LifeCam - ok
16:23:15.0227 0x1e48  [ 8AC10EC7431ABCB52A74CC9236907EB7, 40C1354165EDE1503D078C1274A9BA0B02C80B2628EB8BF663A23A87760B9C17 ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
16:23:15.0247 0x1e48  CanonQuickMenu - ok
16:23:15.0310 0x1e48  [ 6B53177248AC5327FFB5CB2D5C500C94, 2F03DA955BF63BDCA979B76B263FBE4EB1BA2A76476EF0D9145E66CAB781C67C ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
16:23:15.0320 0x1e48  IJNetworkScannerSelectorEX - ok
16:23:15.0467 0x1e48  [ 4CDF90E852837C827C855F8E8E2C5FE2, 1918CE3A880E2067D52C538096DA2D35DFCA2D742E2ED370CF2DFE22840024FD ] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe
16:23:15.0537 0x1e48  Intuit SyncManager - ok
16:23:15.0613 0x1e48  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:23:15.0630 0x1e48  Adobe ARM - ok
16:23:15.0779 0x1e48  [ 1F1A53C41C4A2C618D7230C8CDEC3622, 3C8F4A5A71D9789A7B2774AE35A9842F04A5556E4DE75FAA9647A411AD983BED ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
16:23:15.0832 0x1e48  Adobe Creative Cloud - ok
16:23:15.0905 0x1e48  [ C0134AE2C1D20F2324E389F65C8CA41A, 64CB9E9F141E14E49DA12FD79782E8BD64A81643EC43C8CDDA9F7EAE5BA8645E ] C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCUI.exe
16:23:15.0923 0x1e48  RCUI - ok
16:23:15.0957 0x1e48  [ 95DC68CA2F4C0DA8F4D0489EE6646290, 75EA635FFE5F8204AA4FD23EF055DA17C11BB92FA27775B578E84AACD4BF6F19 ] C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCHotKey.exe
16:23:15.0958 0x1e48  RCHotKey - ok
16:23:15.0959 0x1e48  Skype - ok
16:23:16.0033 0x1e48  [ FFB554A2B95F665C6C37714F3D99108B, 809D36D83E2EEAC8422B68C13D4D9385A69BD5BA420311E91EA9A40C83822350 ] C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe
16:23:16.0049 0x1e48  FlashPlayerUpdate - ok
16:23:16.0067 0x1e48  [ C0134AE2C1D20F2324E389F65C8CA41A, 64CB9E9F141E14E49DA12FD79782E8BD64A81643EC43C8CDDA9F7EAE5BA8645E ] C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCUI.exe
16:23:16.0075 0x1e48  RCUI - ok
16:23:16.0078 0x1e48  [ 95DC68CA2F4C0DA8F4D0489EE6646290, 75EA635FFE5F8204AA4FD23EF055DA17C11BB92FA27775B578E84AACD4BF6F19 ] C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCHotKey.exe
16:23:16.0078 0x1e48  RCHotKey - ok
16:23:16.0090 0x1e48  [ FFB554A2B95F665C6C37714F3D99108B, 809D36D83E2EEAC8422B68C13D4D9385A69BD5BA420311E91EA9A40C83822350 ] C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe
16:23:16.0097 0x1e48  FlashPlayerUpdate - ok
16:23:16.0098 0x1e48  Waiting for KSN requests completion. In queue: 51
16:23:17.0098 0x1e48  Waiting for KSN requests completion. In queue: 51
16:23:18.0098 0x1e48  Waiting for KSN requests completion. In queue: 51
16:23:19.0141 0x1e48  AV detected via SS2: ESET NOD32 Antivirus 6.0, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 6.0.308.0 ), 0x41000 ( enabled : updated )
16:23:19.0146 0x1e48  Win FW state via NFP2: enabled
16:23:21.0672 0x1e48  ============================================================
16:23:21.0672 0x1e48  Scan finished
16:23:21.0672 0x1e48  ============================================================
16:23:21.0681 0x19e4  Detected object count: 0
16:23:21.0681 0x19e4  Actual detected object count: 0

 

 

ADW Scan:

 

# AdwCleaner v4.106 - Report created 03/01/2015 at 16:28:24
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : RPA - SANCTUARYTWR01
# Running from : C:\Users\RPA\Desktop\adwcleaner_4.106.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

*************************

AdwCleaner[R0].txt - [777 octets] - [25/12/2014 03:04:43]
AdwCleaner[R1].txt - [833 octets] - [29/12/2014 19:27:40]
AdwCleaner[R2].txt - [952 octets] - [29/12/2014 19:56:40]
AdwCleaner[R3].txt - [1070 octets] - [03/01/2015 16:26:09]
AdwCleaner[R4].txt - [814 octets] - [03/01/2015 16:28:24]
AdwCleaner[S0].txt - [798 octets] - [25/12/2014 03:06:46]
AdwCleaner[S1].txt - [893 octets] - [29/12/2014 19:29:44]
AdwCleaner[S2].txt - [1012 octets] - [29/12/2014 19:58:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1051 octets] ##########

 

ADW Clean:

 

# AdwCleaner v4.106 - Report created 03/01/2015 at 16:30:00
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : RPA - SANCTUARYTWR01
# Running from : C:\Users\RPA\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

*************************

AdwCleaner[R0].txt - [777 octets] - [25/12/2014 03:04:43]
AdwCleaner[R1].txt - [833 octets] - [29/12/2014 19:27:40]
AdwCleaner[R2].txt - [952 octets] - [29/12/2014 19:56:40]
AdwCleaner[R3].txt - [1070 octets] - [03/01/2015 16:26:09]
AdwCleaner[R4].txt - [1131 octets] - [03/01/2015 16:28:24]
AdwCleaner[S0].txt - [798 octets] - [25/12/2014 03:06:46]
AdwCleaner[S1].txt - [893 octets] - [29/12/2014 19:29:44]
AdwCleaner[S2].txt - [1012 octets] - [29/12/2014 19:58:56]
AdwCleaner[S3].txt - [1053 octets] - [03/01/2015 16:30:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1113 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by RPA on Sat 01/03/2015 at 16:36:58.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/03/2015 at 16:38:37.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,556 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:11 AM

Posted 03 January 2015 - 08:02 PM

Looks pretty clean so far..

you need to Update to Adobe Reader XI

Un check any boxes for installing extras like toolbars etc..


You can look in Control panel and uninstall any of these if there.
HD-Total-Plus, RemoveThaeAdAopp, UTUobEAdaBlock, SafeSaver, SupTab, ValueApps, Lollipop, Software Updated Version, DP1815, Video Player, Convert Files for Free, Plus-HD 1.3, BetterSurf, Trusted Web, PassShow, LyricsBuddy-1, YFavDownloads.com 1.2, Media Player 1.1, Savings Bull, Feven Pro 1.1, Websteroids, Savings Bull, HD-Plus 3.5, Re-markit

Edited by boopme, 03 January 2015 - 08:14 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users